Slashdot Mirror

Apparently, they are ironically named as well.

http://www.networkworld.com/ar...

Should I tell you what your reply is going to be before you make it? Right - don't use default passwords. And hopefully the company won't have a support backdoor built in.

Most regular people find passwords a pain in the backside. As well, they aren't always up on security. An inescapable fact, 20 years on. It hardly even qualifies as hacking.

.
Firefox users have been going through a difficult period for the past few years, as the Mozilla bureaucracy has boated Firefox with things like Pocket, and removed features such as efficiency and sleekness.

Now the Mozilla bureaucracy will be removing things like the Compact Classic theme, forcing the remaining Firefox users to use the rigid Australis user interface.

As Firefox again flirts with dangerous 10% user share level some are left to wonder whether Mozilla really wants Firefox to succeed, or whether Mozilla wants Firefox to die off. It appears that Mozilla has become a bloated corporate bureaucracy, more interested in prolonging and growing itself than writing world class software.

The Mozilla community now appears to serve a bloated Mozilla, Inc. bureaucracy, instead of the users of Mozilla software.

Are you a Human?

Then you are on a watchlist.

FBI checklist:
http://www.networkworld.com/ar...

Ever used tor or a vpn?
Ever posted anything anti-government?
Ever traveled outside your country?
Ever phoned/skyped/g-talked to anyone outside your country?

I have a friend, David Nelson. I've known him since we were about 10yrs old. He and 2000 other "David Nelsons" are on the TSA watchlist. That was a problem for my friend since he used to travel every week for business. After missing about 10 flights due the watch list triple-checking, he was asked to quit his job. Here's the TSA side of the story.
http://blog.tsa.gov/2008/07/my...

Firefox again flirts with dangerous 10% user share level

.
...Unless Mozilla can again retard Firefox's 12-month average rate of decline, the browser will fall under the 11% bar in December, and slip below 10% in April, joining Safari (with a 5% user share in October) and Opera (1.3%) in the single-digit club. If the trend continued even longer, Firefox on the desktop could drop under 9% as soon as August 2016. Mozilla and Firefox face a tough future: The desktop browser continues to shed share -- often quickly, sometimes at a slower pace -- and the company's mobile projects, including Firefox on Android and Firefox OS, the lightweight operating system pitched to low-end smartphone makers, have not been able to make up the difference. ...

Under the TPP, Google's contest would be criminal activity.

I love the iFixit self-repair manifesto:
http://www.networkworld.com/ar...

We hold these truths to be self evident... If you can't fix it, you don't own it.

Bravo, iFixit!

Apple has included since iOS 7 a multi-path TCP protocol http://www.networkworld.com/ar... So it should be able to continue uninterrupted.

http://www.networkworld.com/ar...
http://arstechnica.com/securit...

Who says TOR wasn't cracked long ago?

Windows 10 is already spyware. Nothing is free.

signing in with an MS account is needed to that Cortana can work

After 10 is set up you can switch to a local account, or use the non express other option to eventually use only a local account

discussed here among many other places on the web

http://www.networkworld.com/ar...

Both a friend of mine and my mom had their Nissans broken into while at my sister's house and we're pretty sure the thief used a wireless hack since neither vehicle had signs of forced entry yet both were locked. Likely it's a local kid, cameras would help catch him. Funny story though, the suitcase stolen from my mom's car had about 25 pounds of bran and a book on crafting since she was getting ready for a crafting bean bag project. That thief didn't get much :-) Here's an article that describes this a bit: http://www.networkworld.com/ar... Parking in the garage is a simply deterrent as always.

> A thief will just smash a window or pop a lock.

There are a ton of news reports over the last two years like this one:

"Recently, he was looking out his window and saw a girl hop off her bike and pull out "a small black device from her backpack. She then reached down, opened the door and climbed into my car." He ran outside and the girl split, but he was curious about the black device she used to open his Prius."
http://www.networkworld.com/ar...

Microsoft http://www.networkworld.com/ar...

And this year sysadmins are grafted by a BIND update just in time for sysadmin day.

Happy patching sysadmin day!

Small parts of systemd have Linux components.

No. Systemd has no kernel code, it uses standard Linux interfaces, open to all. Even if kdbus goes in it will not be reserved to systemd.

Overall, systemd is an extra-kernel computer system management system.

True even without the "overall"

Poettering+team once tried to submit some changes to Linux that broke Linux and Torvalds chewed them out for this.

No. systemd read the /proc/cmdline file, a linux interface available to all user-level programs. It also wrote to the system log, a linux interface available to all user level programs running as root. Systemd included no code in the kernel

He would've accepted such changes had the team submitted their work in a way that wasn't broken as it was.

As the systemd team didn't ask for any code to be included in the kernel (then) there was no question of Linus accepting it or not. He claimed he would refuse any code submissions from Kay, who hadn't made any submissions for over a year.

Small parts of systemd have Linux components. Overall, systemd is an extra-kernel computer system management system. Poettering+team once tried to submit some changes to Linux that broke Linux and Torvalds chewed them out for this. He would've accepted such changes had the team submitted their work in a way that wasn't broken as it was.

http://www.networkworld.com/ar...

You are not cracking the rolling code in the physical key chip on a car easily or for $17.00

Before you are unsure on claims, you should read up on the subject with google.

April 2013: "Sonatype's annual survey of 3,500 software developers and shows struggle in setting corporate policy on open source and enforcing it" ref

April 2013: "Control and security of corporate open source projects proves difficult | New Sonatype survey finds 80 percent of most Java applications comes from open source" ref

Nov 2014: "Software developers use a large number of open-source components, often oblivious to the security risks they introduce or the vulnerabilities that are later discovered in them." ref

April 2015: "open-source also represents a vast, unpatched quagmire of cyber-risk that’s putting public safety at grave risk. That’s the assessment of Joshua Corman, CTO at Sonatype" ref

"I think the one thing I regret the most is giving people the impression I cared about politics and getting involved in something that had nothing to do with me."

http://www.dshield.org/diary/D...

http://tech.slashdot.org/story...

http://www.dshield.org/diary/G...

https://threatpost.com/en_us/b...

https://threatpost.com/en_us/b...

http://www.itnews.com.au/News/...

http://plus.evozi.com/204/mala...

http://tech.slashdot.org/comme...

http://www.zdnet.com/linkedin-...

http://www.zdnet.com/linkedin-...

http://www.zdnet.com/au/optus-...

http://www.zdnet.com/dutch-dns...

http://www.computerworld.com/s...

https://isc.sans.edu/forums/di...

http://it.slashdot.org/story/1...

http://www.dshield.org/diary/g...

http://www.dshield.org/diary/N...

http://www.dshield.org/diary/L...

http://www.dshield.org/diary/D...

http://www.networkworld.com/ne...

* "Read 'em & weep" STILL more are coming (since that's only partial on my end, and the future WILL SHOW MORE without doubt)... & that's only SOME of the exploits DNS has experienced, I don't have them all but those will do!

(Simply facts supporting my former posts on the subject of DNS issues -> http://tech.slashdot.org/comme... AND http://tech.slashdot.org/comme... as I promised in it, to show the RAMPANT EXPLOITABILITY of DNS vs. my program AND WINDOWS protecting hosts perfectly...)

APK

P.S.=> You can't win, accept it... apk

You're a bit behind the times. Both Linux and OS X are now more vulnerable operating systems than Windows.

Show me one Linux vulnerability in the last year that didn't require a highly skilled attacker combined with a set of highly unlikely conditions, or rely on the system to be poorly configured. Hell, forget the year limit. Show me one from within the last decade. Good Luck!

I guess you've forgotten about this. Or you can search for ShellShock or Heartbleed. And then there are the kernel bugs that cause race conditions last December, or last May's bug that allows users to get privileged access or do a DoS, not too good in a shared hosting / shared server environment. This bug has nothing to do with a "poorly configured system". It's a flaw.

Here's the security vulnerability list for the linux kernel for 2014, with 133 bugs.

Some of these bugs made the evening news, so I don't know how you missed them all,

... prior to all security updates ceasing a year ago.

Not entirely true.

I don't use iTunes. I use surplus Windows XP machines to host security cameras around the house.

I still get updates for my Windows XP machines. I applied a registry hack that makes them appear to be embedded machines, like an ATM or stuff.

"We are assured that rapid progress will soon bring self-driving electric cars,

Uh....

hypersonic airplanes,

Well...

individually tailored cancer cures,

cough-cough

and instant three-dimensional printing of hearts and kidneys.

You see...

We are even told it will pave the world's transition from fossil fuels to renewable energies,"

Aww screw it.

Could there have been worse examples of "LOL those crazy promises!"?

Microsoft: We're not vulnerable to DDoS attacks

http://www.networkworld.com/co...

PERTINENT QUOTE/EXCERPT:

"At Microsoft we have robust mechanisms to ensure we don't have unpatched servers. We have training for staff so they know how to be secure and be wise to social engineering. We have massively overbuilt our internet capacity, this protects us against DoS attacks. We won't notice until the data column gets to 2GB/s, and even then we won't sweat until it reaches 5GB/s. Even then we have edge protection to shun addresses that we suspect of being malicious."

---

Why attackers can't take down Amazon.com:

http://money.cnn.com/2010/12/0...

PERTINENT QUOTE/EXCERPT:

"So Amazon (AMZN, Fortune 500) has spent years creating and refining an "elastic" infrastructure, called EC2, designed to automatically scale to handle giant traffic spikes... But Amazon's entire business model is built around handling intense traffic spikes. The holiday shopping season essentially is a month-long DDoS attack on Amazon's servers -- so the company has spent lavishly to fortify itself."

---

Investing in one of THESE is a big help:

DDoS Appliances:

http://www.google.com/search?s...

Because DDoS/DoS CAN be stopped (Microsoft & Amazon are setup PERFECTLY vs. it in fact, read on below on that note)!

---

Use of CDN *might* help too - to distribute loads & "attack surface area" which helps also! Use of TCP vs. UDP (vs. DDoS by DNS Amplification attacks *may* help, but it doubles your overheads).

* There's also LOADS of settings that I know of (for Windows systems @ least) that help mitigate this as well & SHOULD be part of 'security-hardening' vs. such attacks also.

APK

P.S.=> There's plenty you CAN do vs. DDoS, but you've got to have the coin/dead-presidents to setup such a network (per AMAZON & MS above) ...

... apk

Here's a transcript: http://libreplanet.org/wiki/GN...

And an article written about the keynote: http://www.networkworld.com/ar...

(Thanks to 2 AC's for pointing these links out.)

The whole event was recorded and streamed, so the keynote video should be available some time soon.

(I can't see any reason why the article summary didn't include the link.)

http://www.networkworld.com/ar...

My life belongs to me, and if it sucks, I want to end it without any interference from religious morons and brainless public administrators like Ms. Barber. Removing the means of suicide does not solve or prevent the real problem: people have less and less reasons to live.

Why should I live and get education when engineering is off-shored to brainless indians and chinese?
Why should I live and contribute to knowledge if science and research is constantly mocked, ridiculed and deprived of funding?
Why should I live when I've been treated as a insignificant cog in a corporation (which is now true for everything - even universities are run like a business)?
Why should I live when some female bitch, whose mental capacity was enough only to graduate from an obscure secondary school in a german village, is sitting in EuroParliament and blathering about shutting down nuclear fission and fusion research?
Why should I live when postdocs are lasting months? What useful science could possibly be done in couple of months?!
Why should I live when even art and music became a commodity, and are forced to cater to lowest form of human waste?
Why should I live when imbecile politicians want to turn the whole country into a large maximum security prison?!

I want to kill myself not because I cannot cope with pressures and competition, but because stupid MBA morons hijacked the system and gained power over creative and talented people. Remember those socialized schmucks who bullied and ridiculed you in high school and universities? Now they are MPAs, MBAs and your bosses - they hate you and want to crush you, because deep inside they realize that they are worthless earthworms compared to creative people. I worked hard to solve difficult problems and hence earn my Ph.D. in electrical engineering, but thanks to banksters and businessdicks, the long-term postdoc positions have vanished and even short-term postodcs are nearly impossible to find anywhere in the world.

My life belongs to me - not to a district attorney or moronic MPA. And when I want to end my life, I want my decision to be respected. It is not difficult to implement: farmers already use Controlled atmosphere killing for animals slaughter - inhaling inert gas guarantees a painless and quick death within minutes. You don't even have to build any new buildings or suicide booths - morgues are perfectly fine and can easily cope with those who want to voluntary end their lives.

Instead of stupid regulations, how about giving more reasons to live and removing the reasons for suicide? Or at least simplifying the whole process of ending one's own life? It is harder than writing useless regulations, for sure, and requires substantially more brainpower than a typical MPA possesses, but we still have some smart, educated, thinking people on this planet, aren't we?!

I would like to know what the US Gov's real objectives are in funding Tor in the first place.
Call me cynical but I have a hard time believing its truly altruistic.

Its not altrustic. Tor was created to provide cover for spies. The fact that other people can get benefit out of it is actually good for the spies, if only spies used Tor they would stick out like a sore thumb. The more 'normal' traffic, the easier it is for them to blend in.

[Backdoors are hard to find.] At this point with the exiting statement of the developers only a fool would trust Truecrypt with anything important.

Let's see: only a fool trusts things that actively lose data. (ie, bitrot, or email systems used by important people. If it's important, have 2+ independent copies)

So let's posit that TC is "sane", that it doesn't actively corrupt your data (Actual disk bitrot is another matter.)

Is it secure? (Ignoring keyloggers, CPU tampering, OS-file I/O interception, not to mention on-bus DMA controllers that have direct access to physical memory, and other out of band things? You could argue they need to detect this but they aren't an A/V vendor and you do halfway have to trust your hardware. Oh, visit CC PIN hacking via a IR camera to see your hardware "betray" you.)

Well, given a correct encryption key, things work correctly; given seemingly any incorrect key, things don't -- a very good start. So they need to protect the working in-memory key (because it's game-over if not.) They erase it if enough idle time has passed and try to keep it from being swapped out to disk. Process memory isolation is great, but in both cases the OS itself can do whatever it wants. So you have to trust the OS, at least a bit.

So, what everybody actually means: is the encryption secure? Can someone who doesn't know my password read my data due to stupid password handling, bad encryption routine choices (ROT-26), or leaky code of good routines? (Say perfect AES file encryption, but the unencrypted source file moved to the recycle bin, never mind about any corruptible buffer or stack overflows. [That's an example; TC doesn't encrypt single files.] ) Are there password collisions, ie password are actually case-insenstive? or silently truncated after 2 characters?

I suspect that you're (humans) the weakest link because of the XKCD wrench, an easily guessed password, or your likes/habits that could lead to your password. If you can't type your password it's not going to work, and you have to remember how to type it.

It seems to boil down to do you trust the vendor to act in good faith every step of the way? Let's see: -anonymous vendor, +access to source code that compiles to the released binary, +routine usage that makes sense, +updates over time, -weird final message. Personally, i trust them more than MS's native BitLocker, which is sane but has a (understandable) business-released AD key recovery function. (It's not your data but the companies, and they have keys to continue read it.) But is BL actually secure? Dunno, can't tell; we have to trust MS completely on that.

If it (TC v7.1) was good to use the day before sunset, it was good to the use day after too, until known problems arise or non-OS support kills it. But YMMV -- trust whom you see fit. So being curious: what are you using, if not TC?

See subject: It, unlike IE of any version & FF/Chrome too (minus addons afaik) has ALWAYS had "by site" preferences such as Cookie control, Mask or Identify as (insert browser here), Enable plugins (ONLY ON DEMAND, meaning YOU have to activate them manually, ala Flash vids etc.), Javascript, IFrames/Frames, & Send referrer information AS YOU SEE FIT only AND with individual settings for EACH site as you see fit...

Good stuff!

E.G. - YouTube told me "YOUR BROWSER IS DEPRECATED" since they also moved to HTML5 video playback: Guess what?

From those features I just extolled, I used "Identify As FireFox" & voila: I am STILL able to play videos there, AND USE OPERA 12.17 64-bit, using Flash (though it blows due to security problems galore constantly, lol)...

Funniest part is, this older version of Opera's HTML5 capable too but YouTube's apparently *trying* to "kill it by force", & those options (most flexible of ANY browser I've ever seen, even vs. Chromium on the commandline) saved me...

Question is - for how long though?

* I can't BELIEVE Jon Von Techzner dropped the PRESTO engine like he did!

(... & I wish he'd "Open SORES" it... I'd be on it like "white-on-rice" to fix the ONLY part that was 'wrong' with it (strong adherence to EMCA script/javascript standards, so SOME sites won't render 'properly'... no big deal to me - I only use JavaScript @ online banking or shopping/e-commerce sites, or test-taking sites etc. that demand it along with cookies))

APK

P.S.=> I have VERY HIGH HOPES for "Vivaldi" from him -> http://www.networkworld.com/ar... which, already from that link & the performance tests in it, debug-code & all, is outracing or keeping pace with FULL release Chrome, IE, & FF - now: IF he puts in the featureset he had in the older version of Opera I use? It WILL be my new browser (even if Chromium based like the newer "Chopera" is, which I have *not* tried)... apk

http://www.cnet.com/news/ex-op...

APK

P.S.=> I haven't tried it myself, but if it has all the niceties of "OLD Opera" (such as by site preferences - my personal favorite)? Then, it's going to be great - that's a "tech preview" but from what I've seen, it's already, debug-code & all, up there in performance with the other major browsers-> http://www.networkworld.com/ar...

... apk

This is bad. Research has shown that extra crypto operations needed for DRM will add to energy consumption and contribute to global warming. This is an immoral product!

They are using the WhiteKnightTwo with a unmanned rocket payload for orbital launches.

Branson wrote in his blog that the company is working to build a two-stage rocket, known as LauncherOne that would air-launch launch from the companies existing WhiteKnightTwo aircraft at about 45,000 to 50,000ft.

“LauncherOne will be built using advanced composite structures, and powered by our new family of LOX/RP-1 liquid rocket engines. Each LauncherOne mission will be capable of delivering as much as 225 kilograms (500 pounds) to a low inclination Low Earth Orbit or 120 kilograms (265 pounds) to a high-altitude Sun-Synchronous Orbit, for a price of less than $10M,” Branson wrote.

So far the responses to this post indicate that Slasdot should change it's name to Slashdolt because of the shear stupidity of what's being said. The first post is by Frosty Piss, and he is living up (or more accurately down) to his name. It seems like the nerds have been displaced by drooling fools.

I'm starting to wonder if I should waste my time on the likes of you.

First Cash for Clunkers, now this. Stop helping! Just get out of the way. The market will work.

Oh and as Eric once said, "Fuck the FCC!"

The market only works when it isn't crippled by crony regulations preventing competition. Just this month T-mobile announced mobile data carryover and guess what appeared on my AT&T bill? That would never have happened.

Although my local cable provider has some competition and has "doubled their speeds" you can bet they wouldn't have done that without encroachment from Google Fiber or AT&T's fiber to the press release announced last year.

But there are still numerous areas such as Chanute, KS that are fighting to build their own infrastructure b/c the local telcos have a monopoly and won't build there but are being taken to court over it.

First result:

http://www.networkworld.com/article/2226688/wireless/drone-crashes-into-triathlete--operator-blames--hacker---victim.html

Drone crashes into triathlete; operator blames 'hacker,' victim
'My hair was completely red with blood'

Network World | Apr 7, 2014 11:39 AM PT

Apparently the GOP can't even keep its own web site from getting hacked. I go to GOP.com and I get a U.S. right-wingnut political party. So will this hoodie become an anti-Sony statement the way plush Snowden the Snowman toys became an anti-NSA statement?

Don't tell me I'm wrong until you've written your FA and got the admin bit.

ALERT: Basement-dwelling Wikipedia admin at work (above).

Here's some data about data for you, Maury -- from IDC, a leading technology analyst firm. http://www.networkworld.com/ar... Between 2010 and 2014, the cost-per-bit delivered over the Internet has fallen about 58%. If we assume that curve continues the same way back to 2005, then we can assume that bandwidth costs have come down about 80% to 85% since 2005. So, if you say that total bandwidth on Wikipedia and related projects from 2005 has increased about 15 to 20 times, then the Wikimedia Foundation budget for this function should have increased about threefold or fourfold, given the relative cost discount. Guess what? I believe that it (approximately) has done just that -- with the WMF earmarking for bandwidth from about $500K in 2005 to over $2 million in 2014.

Therefore, we can conclude that the WMF increasing its overall budget from $800K to $47,000,000 represents a staggering excess bloat that has absolutely NOTHING to do with increased bandwidth or server load.

Because credentials matter to people that will hire you:
http://www.networkworld.com/ar...
Computer Science (CS)Rank: 8; Starting salary: $59,800; Mid-career salary: $102,000

Median salary for a non-degreed programmer is lower and chances for promotion are poorer and chances of getting hired in the first place as a programmer are lower if you don't have some kind of degree. With no degree, you'd likely have to work your way into that from some lower-ranked position.

Also because a CS degree really does expose you to different things that just programming does. You wind up knowing things that you're unlikely to discover on your own in a programming job, or likely to take much longer to discover.

I agree a CS degree may not be the best course. Software engineers start higher and have a higher median salary so that's probably a better use of a college education if you're able to take that path.

An associate's degree may also be a good compromise because it's a lot cheaper, quicker and has lots of formal training focused on core skills rather than the sprawling educational experience that is any four year degree.

Also an advantage of the associate's degree is that you can apply that as credit toward a BS if you later decide that you want or need more credentials to get the job you want.

But the idea that you are going to learn enough to be usefully employable in a couple of months is not realistic. With a background in a social science field, he's got some understanding of basic math and probably a good grounding in statistics and how to do research and maybe formal logic if he's lucky. He won't be able to become a competent-enough-to-hire programmer without years more study, whether or not it's self-study. He should think about leveraging what he knows. A MS in any science field has studied and (if he was a good student) knows a lot of different things that he can apply to jobs in many fields. But unless he has done quite a bit of programming, that's not one of them.

Broadband infrastructures were recently assessed and the USA came out near the top,

BAHAHAHAHAHAHAHAHAHA

And also

BAHAHAHAHAHA.

Fifteenth in per-capita broadband penetration is terrible for the country that invented the internet, and we're only headed in the wrong direction. And if the FCC gets their way and gets to reclassify broadband as 10Mbps, which is realistic today, then we'll slip even further.

Last I heard, Debian was not going with systemd. There was a link and discussion here last week which I believe was this article. Conflicting information abounds on this. Last year there was a vote to go with Upstart, but that never happened. Allegedly a decision should be out by the 30th, but even if it's decided it may not materialize just like Upstart. I'm sure people are watching the reaction to Redhat/CentOS before making a move.

You may some good points, and we address a right to free speech in the main article.

I believe there is a right to anonymous speech, but when you're paying someone else to speak for you, and you're trying to influence the political process, that may be different.

An anonymous poster on Slashdot generally isn't trying to be something he's not. Anonymous speech online (or elsewhere) generally doesn't carry with it an air of credibility that advocacy groups and think tanks try to project.

I should also note that our reporting looked at groups both in favor and opposed to strong net neutrality rules. Generally, groups in favor of net neutrality got better transpaIrency grades, but we looked at both. We weren't targeting one side, and a handful of pro-net neutrality groups received mid-level or lower grades.

[Here's our sidebar rating the groups.

Finally, our reporting, while taking a lot of work, didn't really unmask or shame anyone. We used information that was generally publicly available from the groups, if in many cases, hard to find. I'm not sure how that amounts to shaming.

Grant Gross
Reporter

Still, some big-name advocates of strong net neutrality rules also have limited transparency mechanisms in place.

And who exactly are they and where is your proof of their limited transparency mechanism? Do you have actual specifics or simply vague FUD?

We rate the groups based on objective measures in this story.

Grant Gross
IDG News Service Washington correspondent

Unless things have changed dramatically*, there are rules that make it harder to use commercial cloud computing, as not all can guarantee that the services will only be hosted in the U.S.

Almost everything you do in Amazon is by region - certainly any EC2 servers you use directly are. Scaling up to thousands of servers in a region is easier than you think with the tools available now - EC2 is a mature ecosystem these days. Plus there's this, which you may have heard of.

Want a front-end behind a load balancer that adds servers as load grows, and gives them back when is shrinks? There's hardly any coding involved. If you have non-transactional data, like TFA, you just use their NoSQL DB and, seriously, just type the IOPS you need into a box (though it's hard to make that part elastic). For "year make and model"-indexed recall data, that data will all fit in memory on cache servers, so just stand up some memcached (or something more modern) in front of the DB.

This stuff is only hard if you're on a really tiny budget.

Instead of a handful of product managers, engineers and marketers working directly with those SVPs on a customer hardware/software solution, engineers are now split off into separate business units, making product development coordination more cumbersome and perhaps elongating development cycles.

from articles like NetworkWorld's Cisco reorgs trimming SVP ranks .

Separating engineering from marketing's' "Yes, we can - and by tomorrow night, too!" is far and away the best primer for a vaporware pump.

But hey...corporate longevity is as nothing compared to the need to provide current senior executives and large shareholders with maximum returns; somebody else can part out the wreckage.

http://www.networkworld.com/ar...

Never mind that Apple computers and devices are surging in the enterprise enivornment because it has more secured OS unlike a more popular OS that provides me job security.

Hello,

What NetworkWorld freelancer Andy Patrizio complains about, cruft or OS decay, in the RTFA was largely addressed by Microsoft in Windows 8.

Microsoft worked in depth with silicon developers (i.e., the folks who make chips/chipsets for various things that require drivers like motherboards, videocards, network adapters and so forth) as well as software developers that used drivers (anti-malware, encryption, backup and so forth) to ensure not just that installation and removal went smoothly, but that performance was within acceptable levels, which in particular had been a problem for some of the bloatier anti-malware programs often seen pre-loaded onto consumer-targeted PCs, not just during startup and shutdown, but also during common day-to-day activities.

Since Mr. Patrizio didn't bother to use Windows 8 for any length of time, though, he didn't find out about the performance improvements, which, I suppose, is why we are commenting on his rather sad polemic.

Regards

Aryeh Goretsky

Hello,

What NetworkWorld freelancer Andy Patrizio complains about, cruft or OS decay, in the RTFA was largely addressed by Microsoft in Windows 8.

Microsoft worked in depth with silicon developers (i.e., the folks who make chips/chipsets for various things that require drivers like motherboards, videocards, network adapters and so forth) as well as software developers that used drivers (anti-malware, encryption, backup and so forth) to ensure not just that installation and removal went smoothly, but that performance was within acceptable levels, which in particular had been a problem for some of the bloatier anti-malware programs often seen pre-loaded onto consumer-targeted PCs, not just during startup and shutdown, but also during common day-to-day activities.

Since Mr. Patrizio didn't bother to use Windows 8 for any length of time, though, he didn't find out about the performance improvements, which, I suppose, is why we are commenting on his rather sad polemic.

Regards

Aryeh Goretsky

http://it.slashdot.org/story/12/07/25/1612236/father-of-ssh-says-security-is-getting-worse

The article linked from that Slashdot story states:

Page not found

The Network World page that you have requested cannot be found by our friendly robots. The page you are looking for may have been removed, had its name changed, or may be temporarily unavailable. If you followed this link from outside our site, we'd appreciate if you'd let the owner of the referring site know.

So is the solution just to take everything off the web entirely? But then I realized that can't be right, and the real article is here.

SSH

The "key continuity management" model, used by SSH and by HTTPS sites using self-signed certificates, is vulnerable to a day-one man in the middle without some out-of-band method for verifying the key fingerprint. Tatu Ylonen's article didn't appear to describe in detail how this might be changed.

Meet the new boss...

Same as the old boss...